re: kaslr: better rng

> Ah alright. But in my mail (that you were answering to) I did understand that > the entropy file comes from the previous run; what I was saying was, I would > prefer the file in question to contain random data right away and not just a > seed. In such a way that whoever wants to get random uints

Re: kaslr: better rng

> Date: Wed, 8 Nov 2017 18:23:11 +0100 > From: Maxime Villard > > Le 08/11/2017 à 18:17, Maxime Villard a écrit : > > Le 08/11/2017 à 17:37, Taylor R Campbell a écrit : > >> What's the advantage of (a) changing the on-disk file hierarchy and > >> generating the data on

Re: kaslr: better rng

Le 08/11/2017 à 18:17, Maxime Villard a écrit : Le 08/11/2017 à 17:37, Taylor R Campbell a écrit : Date: Wed, 8 Nov 2017 17:08:42 +0100 From: Maxime Villard Ah alright. But in my mail (that you were answering to) I did understand that the entropy file comes from the previous

Re: kaslr: better rng

Le 08/11/2017 à 17:37, Taylor R Campbell a écrit : Date: Wed, 8 Nov 2017 17:08:42 +0100 From: Maxime Villard Ah alright. But in my mail (that you were answering to) I did understand that the entropy file comes from the previous run; what I was saying was, I would prefer the

Re: kaslr: better rng

> Date: Wed, 8 Nov 2017 17:08:42 +0100 > From: Maxime Villard > > Ah alright. But in my mail (that you were answering to) I did understand that > the entropy file comes from the previous run; what I was saying was, I would > prefer the file in question to contain random data

Re: locking against myself panic (cprng_strongreseed, filt_rndread)

> Date: Wed, 8 Nov 2017 11:22:26 +0100 > From: Edgar Fuß > > > Not surprising: cprng locking was completely hosed in netbsd-6 until > > it got rewritten for netbsd-7. > So I can expect all of my servers to panic at any time? > Can I mitigate the probability of the panic?

Re: kaslr: better rng

Le 07/11/2017 à 17:21, Taylor R Campbell a écrit : Date: Tue, 7 Nov 2017 09:16:25 +0100 From: Maxime Villard Le 06/11/2017 à 19:47, Taylor R Campbell a écrit : The entropy file is supposed to be rewritten each time it's read, and on shutdown, or something like that. Yes, I

Re: mount_apfs?

> On Nov 8, 2017, at 5:07 AM, Edgar Fuß wrote: > >> here's a description of the APFS (Apple File System) format: > So they didn't open-source the code? Apparently not. But an entry in "Hacker news" (on ycombinator) says: An open source implementation is not available

Re: namei and path canonicalization

On Nov 8, 6:54am, dholland-t...@netbsd.org (David Holland) wrote: -- Subject: Re: namei and path canonicalization | We don't, at least as of your changes this afternoon which always set | it... I'm wondering if we should though. Any setugid program that uses | that value is presumptively doing

Re: namei and path canonicalization

> remembering the directory vnode the program was exec'd from > and providing a way to open it as a file handle. Plus some extra measures so you can't escape to there after a chroot(), no?

Re: locking against myself panic (cprng_strongreseed, filt_rndread)

> Not surprising: cprng locking was completely hosed in netbsd-6 until > it got rewritten for netbsd-7. So I can expect all of my servers to panic at any time? Can I mitigate the probability of the panic?

Re: mount_apfs?

> here's a description of the APFS (Apple File System) format: So they didn't open-source the code?

mount_apfs?

In case someone is looking for a challenge, here's a description of the APFS (Apple File System) format: https://blog.cugu.eu/post/apfs/ Cheers, Thomas